Source Job

$2,483–$3,014/mo

  • Create, update, and process internal IT documents such as change controls, risk assessments, and disaster recovery plans.
  • Generate and provide IT documentation for audits and participate in IT interviews during internal and external audits.
  • Monitor compliance with standards, follow up on audit findings, and participate in regular risk assessments to identify IT vulnerabilities.

IT Compliance | Document Management | Risk Assessment

20 jobs similar to IT Compliance Specialist

Jobs ranked by similarity.

Global

  • Track and drive audit partners through the onboarding and enablement lifecycle; maintain internal trackers and coordinate across teams.
  • Keep the auditor directory accurate and current; verify accreditation status and update partner profiles.
  • Assist the SME in mapping audit evidence requirements to platform capabilities; prepare reference data and document findings.

Sprinto is an AI-native GRC platform that helps organizations manage risks, audits, vendor oversight, and continuous monitoring from a single connected platform. With a team of 350+ employees serving 3,000+ customers across 75+ countries, they combine scale with expertise to deliver trust and compliance.

US

  • Performing testing activities end-to-end, identifying control gaps for remediation and acting as a subject matter expert in both IT and regulatory risk.
  • Partnering with Operations, Compliance, Information Security, Engineering, Product, and Legal teams to translate complex regulatory requirements into actionable technical processes.
  • Collaborating with risk owners to provide credible challenge to remediation plans and track findings using GRC tools (Audit Board).

Anchorage Digital is building the world’s most advanced digital asset platform for institutions to participate in crypto. They enable institutions to participate in digital assets through custody, staking, trading, governance, settlement, and security infrastructure. With over 600 employees, their team is united in building the future of finance by providing the foundation upon which value moves safely in the new global economy. They are funded by leading institutions including Andreessen Horowitz, GIC, Goldman Sachs, KKR, and Visa, with a Series D valuation over $3 billion.

US

  • Oversee the company’s compliance program and policies including audit readiness, and regulatory certification efforts.
  • Partner with IT Security, Risk, Legal, and Audit teams to ensure project deliverables support compliance with ISO 27001, SOC 1, PCI DSS, and HIPAA/HITECH standards.
  • Develop IT and Compliance project plans, set deadlines and owners for specific tasks, and track the progress of each project.

Element Critical provides hybrid infrastructure solutions in an expanding portfolio of data center facilities across the country. They aim to meet the diverse needs of today’s business and technology leaders by delivering superior service and product offerings, cultivating trusted relationships with their customers, and motivating and enabling their employees.

Poland

  • Safeguard assets and global reputation, acting as a strategic partner.
  • Lead risk mitigation strategies and ensure compliance with global standards.
  • Develop a world-class GRC program that aligns with strategic goals.

EcoVadis is the leading provider of business sustainability ratings. Our solutions are backed by an international team of experts and powerful technology. They analyze data and build sustainability scorecards that give companies actionable insights into their environmental, social and ethical risks.

US

  • Apply compliance frameworks to assess, design, and implement security controls.
  • Conduct compliance gap assessments and develop remediation plans.
  • Create and maintain key documentation tailored to client needs.

AHEAD builds platforms for digital business by weaving together advances in cloud infrastructure, automation and analytics, and software delivery. They prioritize creating a culture of belonging where all perspectives and voices are represented, valued, respected, and heard.

US

  • Conduct rigorous audits of HLDs and LLDs, providing formal written approval for compliant designs.
  • Enforce data sovereignty requirements by validating routing paths and ensuring cross-border data flows comply with frameworks such as GDPR, UK IPA, and lawful intercept regulations.
  • Validate life-safety routing by ensuring that voice architecture templates meet requirements for e911, Kari’s Law, and Ray Baum’s Act.

Miratech helps visionaries change the world by bringing together enterprise and start-up innovation, supporting digital transformation for some of the world's largest enterprises. Miratech is a values-driven organization with nearly 1000 full-time professionals and an annual growth rate exceeding 25%.

$190,000–$230,000/yr
US | Unlimited PTO | 14w maternity | 14w paternity

  • Own security posture, compliance programs, and audit readiness.
  • Lead all IT functions supporting corporate and program needs.
  • Provide guidance and escalation support for IT hardware/software issues as needed.

Red Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies. They bring revolutionary advancements to market in healthcare, cyber, and national security and are united by a shared sense of duty.

UK

  • Own and maintain security and compliance documentation, including policies and procedures.
  • Support commercial teams in complex information security and compliance negotiations.
  • Manage ISO 27001 compliance, certification maintenance, and audit preparations.

Gearset handles Salesforce DevOps for some of the world's largest companies. The company operates with a modern approach to security and compliance in a growing, ambitious environment.

US | Unlimited PTO

  • Build & own Treeline's internal security and compliance program.
  • Deliver compliance outcomes directly for customers.
  • Help build and grow Treeline's Compliance-as-a-Service (CaaS) offering.

Treeline is developing software to transform traditional Managed Service Providers into a software-defined model using automation and AI. They are a small, effective team that values execution, modern tooling, and minimal bureaucracy.

Canada | 6w PTO

  • Support the execution and continuous improvement of Qohash’s security program.
  • Support risk assessments, track identified risks, and help coordinate remediation efforts.
  • Maintain security policies, standards, awareness materials, and support internal security training initiatives.

Qohash is building a foundational pillar of Canada’s digital sovereignty, believing security must scale differently. They look for bold, mission-driven individuals with technical depth and strategic clarity who collaborate across disciplines to protect sensitive data.

US

  • Owns and manages the organization’s enterprise certification frameworks.
  • Develop and maintain policies and procedures supporting certification frameworks.
  • Support proposal teams by validating and documenting certification compliance.

Lynker Corporation is a leading provider of innovative solutions in weather and climate science. They leverage cutting-edge technologies and scientific expertise to support improved operational weather forecasts. Lynker is a growing, employee-owned business specializing in professional, scientific, and technical services with a team-oriented work environment.

$190,000–$230,000/yr
US | Unlimited PTO | 14w maternity

  • Own CMMC 2.0 and SOC 2 end-to-end, including control design and implementation.
  • Lead all IT functions supporting corporate and program needs, owning IT architecture and tooling decisions.
  • Provide guidance and escalation support for IT hardware/software issues; mentor IT Support Specialist & Cloud Infrastructure Engineer.

DEFCON AI leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. They align outcomes with operational goals, better decision making, and empower customers to anticipate, assess, and mitigate the impacts of disruptions.

$105,000–$130,000/yr
US | 3w PTO

  • Responsible for LINK’s day-to-day IT operations, cybersecurity program, and regulatory compliance posture.
  • Primary internal owner of IT governance and federal compliance, leading the organization through its Cybersecurity Maturity Model Certification (CMMC) Level 2 third-party assessment.
  • Build repeatable processes and a maturing IT infrastructure that supports LINK’s continued growth as a government contractor.

LINK is a fast-growing Woman Owned Small Business (WOSB) that leverages human-centered design to support strategy, innovation, communication, change, and branding within the federal government and adjacent industry partners. They partner with engineers, futurists, and thought leaders to untangle complexity, discover opportunity, and communicate clearly with visual stories.

$90,000–$120,000/yr
US

  • This role supports the organization's compliance program.
  • Monitors adherence to healthcare regulations, identifies risks, and conducts audits.
  • Provides education to staff on compliance-related matters.

Curai believes access to high-quality healthcare is a fundamental human right, not a privilege. They aim to transform healthcare delivery using AI and clinical expertise, making care affordable and effective. The company focuses on improving health outcomes and is committed to a diverse and inclusive environment.

US

  • Demonstrates understanding of the Federal Financial Improvement Act (FFMIA) requirements.
  • Plans, executes, and reports on information systems controls assessments.
  • Provides summary reports and working papers with detailed results and actionable recommendations.

TekSynap is a fast-growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well-planned information management environment. They aim to nimbly utilize the best that information technology offers to meet the business needs of Federal Government customers.

$92,000–$117,000/yr
US | Unlimited PTO

  • Manage compliance issues through identification and resolution.
  • Design and maintain compliance workflows and controls.
  • Analyze data to identify risks and improve processes.

HealthEquity's mission is to save and improve lives by empowering healthcare consumers. We are passionate about providing a solution that allows American families to connect health and wealth. They value their employees as individuals and encourage a welcoming and inclusive environment.

US

  • Lead the development and documentation of fourteen foundational IT Asset Management policies over 18 months, ensuring alignment with federal standards and audit readiness.
  • Translate complex IT asset management concepts and compliance requirements into clear, plain-language documentation accessible to users of varying technical backgrounds.
  • Conduct stakeholder interviews, synthesize multi-source data, and collaborate cross-functionally to gather inputs and validate policy drafts for organizational alignment.

Kentro, formerly IT Concepts, is a technology and business solutions company that delivers innovative services to support national missions, particularly for federal clients. The company fosters a collaborative, team-oriented culture, holds multiple ISO and CMMI certifications, and is recognized for its growth and positive workplace environment.

US

  • Lead the development of executive-level reporting on IT risk and compliance.
  • Own and evolve the firm’s IT risk register and Risk & Control Self-Assessment (RCSA) program.
  • Analyze incident, change, and problem management data to identify trends and improvement opportunities.

Wilson Sonsini is the premier legal advisor to technology, life sciences, and other growth enterprises worldwide. The firm has approximately 1,100 attorneys in 17 offices and fosters an entrepreneurial spirit and team-oriented approach for all employees.

$130,000–$145,000/yr
US

  • Execute validation activities for GxP computerized systems using a risk-based Computer Software Assurance (CSA) approach and author/maintain associated documentation.
  • Serve as the validation lead for key GxP platforms, ensuring systems remain compliant with global regulations and data integrity principles like ALCOA+.
  • Support IT due diligence for third-party vendors, maintain inspection readiness, and collaborate cross-functionally with Quality, IT, and business stakeholders.

Kyverna Therapeutics is a patient-centered, clinical-stage biopharmaceutical company developing cell therapies for patients suffering from autoimmune diseases. The company is guided by core values including collaboration and innovation, operating in a fast-paced, regulated environment committed to transforming autoimmune disease treatment.

US

  • Execute and enhance governance, risk, and compliance operations for Socure's public sector business, managing vulnerability remediation and audit readiness.
  • Coordinate external assessments, maintain FedRAMP/GovRAMP documentation, and automate evidence collection to meet rigorous framework standards.
  • Design automation-first continuous monitoring programs, lead vulnerability management, and serve as a security subject matter expert for public sector sales activities.

Socure builds identity trust infrastructure for the digital economy, verifying identities and preventing fraud. The company hires people who move fast, think critically, act like owners, and care deeply about solving customer problems.